Solved

LDAP Query SCCM 2012 Check group membership

Posted on 2013-01-25
2
1,900 Views
Last Modified: 2013-04-22
Hi all,

I want to create a global Condition to check if a user is member of a group in AD
and add that Global condition to an application

1) Is this possible?
2) If so how

I have an LDAP Query that does this:
(&(objectClass=user)(sAMAccountName=yourUserName)(memberof=CN=YourGroup,OU=Users,DC=YourDomain,DC=com))

But i need to translate this into the SCCM 2012 Form

What do i add where?

LDAP Prefix:
Distiguished name:
Search Filter:
Search Scope:
Property:

any help is welcome
0
Comment
Question by:cornilm
2 Comments
 
LVL 31

Accepted Solution

by:
merowinger earned 500 total points
ID: 38818782
When creating a global condition select the folloowing options:

"Windows" as device type
"Setting" as condition type
"Active Directory" as Setting type

Then you can configure you LDAP Search for your specific Group.

I would enable AD User and Group Discovery and build User Collections to achieve this
0
 

Author Closing Comment

by:cornilm
ID: 39103474
sry for the late reply i have been sick
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question